World+Dog gets annual security heebie jeebies

SOME TIME in the next two to four weeks, there will be an onslaught of reports about the most horrible, terrible security holes known to mankind, at least for this year.

Why? Two factors: The summer is a very slow month for tech news, so hacks around the globe will latch on to the flood of news coming out of Las Vegas the first weekend in August at the DEFCON (www.defcon.org) - number 14 if you've been keeping track.

It doesn't hurt that some of the presenters are more than happy to pimp themselves for some PR and consulting leads.

DEFCON started out as part party, part information exchange and grew into a large forum for security types of all stripes to get together and learn about the latest and greatest. It is perhaps the only event on the planet where you'll find "The Feds" - representatives from various departments of the United States Government and sometimes other governments - speaking to a ballroom full of people with higher-than-average IQs.

This year's dedicated panel of "Meet the Fed" includes representatives from New South Wales Police (Sydney, Australia, G'day!), Internal Revenue Service, US Postal Service, National Security Agency, FBI, NCIS, and the CIA. You'll also find an Assistant Professor of Computer Science from West Point and a senior lawyer from the Army speaking, and various other governmental representatives roaming the hallways and giving presentations.

Exactly how many feds are in attendance is unknown, since DEFCON only takes $100 cash for admission and doesn't collect data upon registration. You hand over your money, you get your badge, that's it. No credit cards, no checks, no paper trail for any of the participants, so the feds can't go looking through DEFCON records since they don't exist. Not that something like that would ever happen, eh?

But the feds are only a small part of the fun and excitement. Ignore the people in various states of undress with purple hair and multiple visible piercings and turn to some of the more interesting presentations.

Everyone's heard of the sport of Wardriving, wandering around with a laptop and the appropriate software to discover open Wi-Fi hotspots. WarRocketing goes a step farther, putting a rocket up in the area to scan up to 50 square miles of territory in less than 60 seconds. No more blockage of Wi-Fi signals by trees, houses, and terrain.

Only at DEFCON would you have a researcher from the University of Auckland, New Zealand examine the technical and psychological factors involved in phishing attacks and how to optimize such attacks by exploiting user behavior and security user interface design.

It's also interesting to pick up the latest "hot" hacking topics. RFID hacking gets two speaking slots, including a session dedicated to RFID Spoofing and Jamming. Interestingly, both of the RFID speakers are coming from Europe. Melanie Rieback is working on her PhD in Computer Systems at the Vrije Universiteit in Amsterdam while Lukas Grunwald works for a German Security company.

Since RFID technology can be found everywhere from the local Wal-Mart to new passports, it is one topic that is likely to get more coverage in August. µ